Microsoft's Mobile Focus Includes Strong Support for Competing Platforms

In a windowless training room in Building 92 on the Redmond campus, key Microsoft Server & Tools executives and team members recently gave a two-day workshop outlining the company's cloud services and mobility pipeline. With the "cloud first, mobile first" theme that describes almost everything Microsoft does these days, it's striking that the briefing room in the company's main Visitor Center had no windows. Perhaps, coincidently, there was marginal emphasis on Windows during the workshop.

That's not to suggest Microsoft is throwing in the towel on Windows by any stretch, despite slow uptake for Windows Phone, Windows 8.x and its Surface line of tablet PCs. Microsoft says it's indeed committed to Windows and Surface. Evidence of that can be found in the new Surface Pro 3, released last month and arguably its best iteration of the combined tablet PC so far (see "First Look: Microsoft Surface Pro 3").

But if anything has become clear under the new regime at Microsoft, Windows is no longer the No. 1 priority, (see Mary Jo Foley's "Microsoft Is No Longer Windows First," ). Microsoft has already begun emphasizing that with System Center 2012 R2, but now the company is showing a newfound appreciation for today's world of devices with its new approach to mobile device management (MDM).

Indeed, Gartner Inc. predicts Windows will only account for 25 percent of all mobile devices in use in the next few years, not including desktops and laptops. During the workshop in Redmond, Brad Anderson, corporate vice president of Microsoft's Cloud & Enterprise Division, led the discussion previewing the company's mobility efforts and how it was helping IT move forward in the bring your own device (BYOD) era. Anderson said he would announce the release of the new Microsoft Enterprise Mobility Suite (EMS) at TechEd in Houston, which took place a week later.

Mobility Imperative from the Top
Microsoft's new CEO Satya Nadella had revealed EMS just weeks earlier but it was overshadowed by his announcement that Microsoft was finally making Office available natively for the iPad. But Anderson made clear EMS was no sidebar: It's a significant part of the Microsoft mobility story and one Nadella intends to emphasize.

"It's interesting to think about Satya's first appearance as the CEO of the company -- the two things he announced was Office going cross-platform and the introduction of the Enterprise Mobility Suite," Anderson told the group. "I think that helps you understand the importance of what this Enterprise Mobility Suite is in the company."

The EMS is a bundle that includes the new Microsoft Azure Active Directory Premium, Azure Rights Management and Window InTune. It's priced at $7.50 per month per user, though the company is offering it at an introductory price of $4. EMS is at the core of Microsoft's push into mobile device management that lets IT distribute, manage, secure and wipe business data on popular device types including Apple iOS, Google Android, Windows 8.x, Windows RT, and Windows Phone and lets administrators configure and implement policies.

Microsoft believes EMS can obviate the need for third-party MDM suites from the likes of AirWatch (recently acquired by VMware Inc.), Good Technology and MobileIron. Like those and dozens of other MDM vendors, EMS delivers software in containers or application wrappers to most popular mobile devices but will default to the native MDM features of the OSes. "We're delivering this first in iOS," Anderson said, not even stating the obvious -- that the company is giving preference to a platform other than Windows. Microsoft is also working with Samsung to make KNOX, its fork of Android with Windows to follow.

It isn't just EMS that's treating non-Windows devices as superior or at least equal citizens. Microsoft also launched the preview for Azure RemoteApp at TechEd, which will deliver Windows apps to Windows PCs and tablets, Apple Macs and iPads, and Android tablets using the Remote Desktop Protocol (RDS) and RemoteFX. Azure RemoteApp is only in preview and Microsoft hasn't said how it will deliver the new offering.

With EMS, the technology to develop the wrappers was developed by the team that built the Microsoft Application Virtualization (App-V) software in 2006 to deploy and manage virtual applications. However, Anderson says EMS isn't just a basic rewrite of the App-V software platform.

Mobility Suite Components
Anderson emphasized that the built-in identity and access management with Azure Active Directory Premium also sets EMS apart from MDM suites. Released in April, Azure Active Directory Premium provides enhanced data synchronization, cloud-based self-service password management and single sign-on to all Microsoft and more than 1,200 widely used third-party Software as a Service (SaaS) apps, including Box and Salesforce.com.

"We think it all starts with identity and identity management," Anderson said. "Ninety percent of all organizations use Active Directory as their authoritative source and we're extending it with Azure Active Directory. Now you're able to take these investments you've made with Active Directory, extend them to the cloud and extend them to all the services an organization wants to use," notably SaaS offerings.

Azure Active Directory Premium also supports multi-factor authentication and generates security reports that flag log-in irregularities and threats based on machine learning. It also enables Group Management with the option of user-based self-service management of groups. Used with Azure Rights Management Services (RMS), administrators can determine if users can forward, copy or print files from Office 365, SharePoint and Exchange.

"Microsoft, VMware and Citrix are in essence trying to commoditize mobile device management in order to sell higher services," says David Willis, chief of research for Mobility and Communications at Gartner. "With Microsoft, it's all about System Center Configuration Manager and InTune, and along the way, if [it] can get the MDM market, I think [the company's] willing to do that. That's why all these other players are moving up with more sophisticated containers and secure file sharing."

Willis says there are 23 major providers of MDM software or services and another 25 more on the fringes. Despite all of the buzz about mobility and device management, MDM is only a $700 million market today, according to Gartner. And while consolidation of the numerous players is inevitable, relatively new players have big aspirations. Good and MobileIron have both recently filed plans for IPOs and BlackBerry (formerly known as Research In Motion Ltd., or RIM) is betting that the MDM intellectual property it has can give the beleaguered device maker a new calling.

CIOs Blindsided by BYOD
MDM is the second most popular of Gartner's numerous magic quadrant, bested only by business intelligence and analytics, according to Willis. It's become popular relatively quickly because CIOs across the board were blindsided by the BYOD trend that has rapidly evolved, Willis says. "The MDM space is white hot," he says. "Everyone wants to be in it."

And IT decision makers in companies of all sizes also want to ensure they're serving their employees, contractors and customers, while not risking data loss. Rebecca Sattin, director of information technology at Mitchell, Silberberg & Knupp LLP (MS&K), a Los Angeles-based law firm with offices in New York and Washington, D.C., was among those who realized the limitations of ActiveSync two years ago.

MS&K has 125 attorneys who all have multiple devices, most using a combination of tablets and a laptop. When Sattin first took over, its core tool to enable mobility was Microsoft ActiveSync. When attorneys leave the firm, she was looking for a way to better remove firm data from the device. "With all the security concerns, I started worrying what we should do when someone leaves out the company," she says.

The law firm looked at MDM solutions and decided on Good Dynamics, which is known for its large ecosystem of ISV and SaaS partners. "What I like about Good is the secure, encrypted partitions," she says. "That way we have control over the part of the device we care about and the rest of it they can do whatever they want."

Asked about Microsoft's new push into MDM, Sattin says she's encouraged by the company's moves, including its decision to offer encryption for Office 365 and OneDrive for Business, but says there's no immediate plan to make the move.

Forrester Research Inc. analyst Jeffrey Hammond says he and his colleagues are seeing a greater push toward mobile infrastructure services as an alternative to discrete services such as management, middleware and analytics.

"So the question really becomes, do people go with the suite-based model and try to get all of their services from a single vendor, which I don't think they really can yet because there's so many across all the different markets," Hammond says. "Or do they assemble them from different providers?

"So I get my management services from one company and I get my engagement services from another. But, basically, SDKs and APIs and that sort of thing are the outgrowth of that.

"So you can pull out the UI from these products and make the services available and then embeddable into native apps or hybrid apps or in the Web or anything that developers choose," Hammond explains.

MDM Battleground
Time will tell what impact the Microsoft EMS has on the MDM market and to what lengths the company will go to become a dominant player. Last year, IBM acquired FiberLink, supplier of the MaaS360 suite, for an undisclosed sum and VMware bought AirWatch, one of the leading MDM providers, for $1.54 billion. The two companies that filed IPOs this year, Good Technology and MobileIron, are said to be valued at more than $1 billion.

Asked if Microsoft's move into the MDM market could threaten the incumbents, Good Technology CEO Christy Wyatt says the company views Microsoft as a partner, not a competitor. "We have a very strong relationship with Microsoft, but as with any one of these providers, there's going to be parts of the company that want to do MDM and there will be parts of the company that want to partner with Good," Wyatt says.

At its New York gathering last month, the company said it has 5,000 customers and its MDM platform is used by all of the top commercial banks, aerospace companies, defense firms and health care providers. Good Dynamics currently processes 1.8 billion secure messages every week.

Wyatt says she isn't concerned by the bigger and much more established players such as Citrix Systems Inc., IBM, Microsoft and VMware making aggressive moves into MDM. Good Dynamics is more than just MDM, she argues, "it's a mobile security application platform that's going to deliver manageability, security, and usability across operating systems in a very scalable and flexible way."

Gartner's Willis agrees that mobility management is moving up the stack to the application tier. "It's not just about policy management on the device, it's really about these applications that work together as a suite, if you will, so I can support workflows that are secure," he says.

Microsoft surely is aware of that. The only question is: Will it build or buy to get there.